Commit Graph

237675 Commits

Author SHA1 Message Date
Ben Woods
9165316ff6 newsyslog.conf: Restrict included files in default config to [!.]*.conf
The new default config will only include files from the following
directories which end with '.conf' and do not beginning with a '.'
character:
- /etc/newsyslog.conf.d/
- /usr/local/etc/newsyslog.conf.d/

This matches the syslog.conf(5) functionality, and also prevents '.sample' or
'.pkgnew' files being included. This is important for ports which install files
in /usr/local/etc/newsyslog.conf.d/ and also for pkgbase.

Approved by:	eadler
Approved by:	bapt
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D17086
2018-11-10 10:46:38 +00:00
Alan Somers
98f8234b13 libjail: fix handling of allow.mount.fusefs in jailparam_init
fusefs is inconsistently named. The kernel module is named "fuse", but the
mount helper is named "mount_fusefs" and the jail(8) parameter is named
"allow.mount.fusefs". Special case it in libjail.

Reviewed by:	jamie
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D17929
2018-11-10 03:10:22 +00:00
Mark Johnston
86af1d0241 Ensure that IP fragments do not extend beyond IP_MAXPACKET.
Such fragments are obviously invalid, and when processed may end up
violating the sort order (by offset) of fragments of a given packet.
This doesn't appear to be exploitable, however.

Reviewed by:	emaste
Discussed with:	jtl
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17914
2018-11-10 03:00:36 +00:00
Justin Hibbits
266b2aa146 powerpc: Use MAX() macro instead of max() inline function to calculate Maxmem
Maxmem is the highest address for physical memory in the system.  It's
measured in pages which, since max() returns a u_int, should allow for up to
2^44 bytes of memory addressable by the system.  However, on POWER9 systems
at least, memory addressed by additional socketed CPUs begins at addresses
far above the 2^44 mark, causing issues with memory accesses and DMA, when
memory is addressed on the auxiliary CPUs.  Use the MAX() macro instead,
which doesn't convert arguments, so retains Maxmem and all calculations as
its defined long type (64-bit on powerpc64), keeping the maximum address
correct.

Submitted by:	mmacy
2018-11-10 02:37:56 +00:00
Alexander Motin
1fcdb58634 Do not ignore arc_adjust() return value.
This covers scenario when ARC may not shrink as fast as it could:
1. arc_size < arc_c and arc_adjust() does not evict anything, returning
   zero to arc_reclaim_thread();
2. arc_available_memory() reports memory pressure, which can not be
   satisfied by arc_kmem_reap_now();
3. arc_shrink() reduces arc_c and calls arc_adjust(), return of which is
   ignored;
4. even if the last arc_adjust() could not satisfy arc_size < arc_c,
   arc_reclaim_thread() will still go to sleep, since the first one
   returned zero.

Reviewed by:	allanjude, markj, sef
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D17927
2018-11-10 01:58:37 +00:00
Stephen Hurd
cf49cdd5a3 Fix first-packet completion
The first packet after the ring is initialized was never
completed as isc_txd_credits_update() would not include it in the
count of completed packets. This caused netmap to never complete
a batch. See PR 233022 for more details.

PR:		233022
Reported by:	lev
Reviewed by:	lev
MFC after:	3 days
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D17931
2018-11-09 22:18:43 +00:00
John Baldwin
fe03ca08a6 Use tcp_state_change() in the cxgbe(4) TOE module.
r254889 added tcp_state_change() as a centralized place to log state
changes in TCP connections for DTrace.  r294869 and r296881 took
advantage of this central location to manage per-state counters.
However, TOE sockets were still performing some (but not all) state
change updates via direct assignments to t_state.  This resulted in
state counters underflowing when TOE was in use.  Fix by using
tcp_state_change() when changing a TOE connection's state.

Reviewed by:	np, markj
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D17915
2018-11-09 21:16:45 +00:00
Brooks Davis
4b499c75f9 Regen after r340302: Fix freebsd32 mknod(at).
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17928
2018-11-09 21:02:07 +00:00
Brooks Davis
9a38df59e9 Fix freebsd32 mknod(at).
As dev_t is now a 64-bit integer, it requires special handling as a
system call argument.  64-bit arguments are split between two 64-bit
integers due to the way arguments are promoted to allow reuse of most
system call implementations.  They must be reassembled before use.
Further, 64-bit arguments at an odd offset (counting from zero) are
padded and slid to the next slot on powerpc and mips.  Fix the
non-COMPAT11 system call by adding a freebsd32_mknodat() and
appropriately padded declerations.

The COMPAT11 system calls are fully compatible with the 64-bit
implementations so remove the freebsd32_ versions.

Use uint32_t consistently as the type of the old dev_t.  This matches
the old definition.

Reviewed by:	kib
MFC after:	3 days
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17928
2018-11-09 21:01:16 +00:00
Ed Maste
c4698dec73 Add comment to explain kernel ldscript 0x200000 constant
Reported by:	linimon
2018-11-09 20:33:38 +00:00
Ed Maste
961eb44346 libllvm: Move SampleProfWriter to SRCS_MIN
It is required by llvm-profdata, now built by default under the
LLVM_COV knob.  The additional complexity that would come from avoiding
building it if CLANG_EXTRAS and LLVM_COV are both disabled is not worth
the small savings in build time.

Sponsored by:	The FreeBSD Foundation
2018-11-09 19:51:26 +00:00
Ed Maste
1d3ffc719e Octeon SDK: avoid use of uninitialized variable
Reported by:	Clang
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-11-09 19:17:25 +00:00
Ed Maste
8573e2c388 use -m ${LD_EMULATION} for binary->elf link invocation
r306041 changed ld invocations for converting binary files to kernel
ELF objects to pass -m, but missed bespoke ld invocations in a pair of
arm file configs (one of which has since been removed).

This is needed to support some external toolchains and lld.

Sponsored by:	The FreeBSD Foundation
2018-11-09 19:16:01 +00:00
Kyle Evans
13cf5074d0 Use ${ECHO} in dtb/dtbo build, pass in from dtb.mk for -s
Reported by:	sbruno
MFC after:	3 days
2018-11-09 18:56:40 +00:00
Ed Maste
e8bd280446 Move llvm-profdata build into MK_LLVM_COV block
llvm-profdata is used with llvm-cov for code coverage (although llvm-cov
can also operate independently in a gcov-compatible mode).
Although llvm-profdata can be used independently of llvm-cov it makes
sense to group these under one option.

Also handle these in OptionalObsoleteFiles.inc while here.

Sponsored by:	The FreeBSD Foundation
2018-11-09 18:35:09 +00:00
Brooks Davis
1632f36305 Regen after r340294: Fix a number of bugs in freebsd32's capabilities.conf.
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17925
2018-11-09 18:06:25 +00:00
Brooks Davis
d457c0b61b Fix a number of bugs in freebsd32's capabilities.conf.
Bugs range from failure to update after changing syscall implementaion
names to using the wrong name.  Somewhat confusingly, the name in
capabilities.conf is exactly the string that appears in syscalls.master,
not the name with a COMPAT* prefix which is the actual function name.

Found while making a change to use the default capabilities.conf.

Fixes:	r335177, r336980, r340272, r340274, others
Reviewed by:	kib, emaste
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17925
2018-11-09 18:03:01 +00:00
Ed Maste
9f7331ad2c llvm-cov: also install as gcov (if GNU gcov is disabled)
llvm-cov provides a gcov-compatible interface when invoked as gcov.

Reviewed by:	dim, markj
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17923
2018-11-09 17:43:19 +00:00
Ed Maste
c59e510923 nvi: remove superfluous space before ^\
This fixes alignment in vi's 'viusage' command and has been fixed
upstream and in OpenBSD.

Submitted by:	Raf Czlonka (github:rjc)
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd/pull/122
2018-11-09 17:39:57 +00:00
Ed Maste
2f02c9d6d5 Consolidate gcov entries in OptionalObsoleteFiles
Sponsored by:	The FreeBSD Foundation
2018-11-09 15:27:41 +00:00
Li-Wen Hsu
b0e9618e68 Fix test: sys.netpfil.pf.pass_block.noalias
Replace hard-coded epair0b with the variable holds the real epair interface
used for testing.

Reviewed by:	kp
Approved by:	emaste, markj (mentors)
MFC with:	r339836
Sponsored by:	The FreeBSD Foundation
2018-11-09 15:24:24 +00:00
Ed Maste
b6274d1775 kldxref: use appropriate Elf_Off type for offsets
Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Reviewed by:	kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D13957
2018-11-09 15:02:53 +00:00
Jilles Tjoelker
bb324af62a sh: Unify EXERROR and EXEXEC
The difference between EXERROR and EXEXEC was that EXEXEC passed along
exitstatus and EXERROR set exitstatus to 2 in the handling code.

By changing the places that raised EXERROR to set exitstatus to 2, the
handling of EXERROR and EXEXEC becomes the same.
2018-11-09 14:58:24 +00:00
Mateusz Piotrowski
a641e44515 Cross-reference nohup(1) and daemon(8).
Reviewed by:	bcr
Approved by:	krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17920
2018-11-09 13:47:06 +00:00
Vincenzo Maffione
689f146bdd netmap: add load balancer program
Add the lb program, which is able to load-balance input traffic
received from a netmap port over M groups, with N netmap pipes in
each group. Each received packet is forwarded to one of the pipes
chosen from each group (using an L3/L4 connection-consistent hash function).
This also adds a man page for lb and some cross-references in related
man pages.

Reviewed by:	bcr, 0mp
Approved by:	gnn (mentor)
Differential Revision:	https://reviews.freebsd.org/D17735
2018-11-09 08:43:40 +00:00
Yuri Pankov
9eb7d595e1 Reset persistent mbstates when rune locale encoding changes.
This was shown to be a problem by side effect of now-enabled test case,
which was going through C, en_US.UTF-8, ja_JP.SJIS, and ja_JP.eucJP,
and failing eventually as data in mbrtowc's mbstate, that was
perfectly correct for en_US.UTF-8 was treated as incorrect for
ja_JP.SJIS, failing the entire test case.

This makes the persistent mbstates to be per ctype-component,
and not per-locale so we could easily reset the mbstates when
only LC_CTYPE is changed.

Reviewed by:	bapt, pfg
Approved by:	kib (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17796
2018-11-09 03:32:53 +00:00
Brooks Davis
e1e300b671 Regen after r340274: Make freebsd32_utmx_op follow the freebsd32_foo
convention.
2018-11-09 00:46:50 +00:00
Brooks Davis
b34f4419fb Make freebsd32_umtx_op follow the freebsd32_foo convention.
Sponsored by:	DARPA, AFRL
2018-11-09 00:46:10 +00:00
Brooks Davis
86e06fa55b Regen after 340272: Make __sysctl follow the freebsd32_foo convention
Sponsored by:	DARPA, AFRL
2018-11-09 00:22:45 +00:00
Brooks Davis
4074751718 Make __sysctl follow the freebsd32_foo convention.
Sponsored by:	DARPA, AFRL
2018-11-09 00:21:58 +00:00
Kristof Provost
55177f18a1 pf tests: Test PR 183198
Create a table which is only used inside an anchor, ensure that the
table exists.

PR:		183198
MFC after:	2 weeks
2018-11-08 21:56:06 +00:00
Kristof Provost
87e4ca37d5 pf: Prevent tables referenced by rules in anchors from getting disabled.
PR:		183198
Obtained from:	OpenBSD
MFC after:	2 weeks
2018-11-08 21:54:40 +00:00
Kristof Provost
0f9e47a9c4 pfctl: Populate ifname in ifa_lookup()
pfctl_adjust_skip_ifaces() relies on this name.

MFC after:	2 weeks
2018-11-08 21:53:09 +00:00
Justin Hibbits
8f04c0c06b powerpc64: Fix "show spr" command on ELFv2 kernels
Summary: When compiling for ELFv2, it is necessary to adjust the offset to
get_spr and factor in the function prologue to ensure the correct instruction is
being edited.

Test Plan:
Before:
```
db> show spr 110
KDB: reentering
KDB: stack backtrace:
0xc008000020fb96e0: at 0xc000000002bb2e34 = kdb_backtrace+0x68
0xc008000020fb97f0: at 0xc000000002bb3798 = kdb_reenter+0x54
0xc008000020fb9860: at 0xc000000002f87090 = trap+0x4e4
0xc008000020fb9990: at 0xc000000002f78a60 = powerpc_interrupt+0x110
0xc008000020fb9a20: kernel trap 0xe40 by 0xc000000002401978 = get_spr+0x8: srr1=0x9000000000001032
            r1=0xc008000020fb9cd0 cr=0x80009438 xer=0x20040000 ctr=0xc000000002f7b40c r2=0xc0000000037fd000
saved LR(0xfffffffffffffffb) is invalid.
```

After:

```
db> show spr 110
SPR 272(110): c000000003cae900
```

Submitted by:	git_bdragon.rtk0.net
Differential Revision: https://reviews.freebsd.org/D17813
2018-11-08 20:48:44 +00:00
Justin Hibbits
ad39591ad2 powerpc/powernv: Restrict the busdma tag to only POWER8
It seems this tag is causing problems on POWER9 systems.  Since no POWER9 user
has encountered the problem fixed by r339589 just restrict it to POWER8 for now.
A better fix will likely be to update powerpc/busdma_machdep.c to handle the
window correctly.

Reported by:	mmacy, others
2018-11-08 20:31:12 +00:00
Ed Maste
2bfaf585ca Avoid buffer underwrite in icmp_error
icmp_error allocates either an mbuf (with pkthdr) or a cluster depending
on the size of data to be quoted in the ICMP reply, but the calculation
failed to account for the additional padding that m_align may apply.

Include the ip header in the size passed to m_align.  On 64-bit archs
this will have the net effect of moving everything 4 bytes later in the
mbuf or cluster.  This will result in slightly pessimal alignment for
the ICMP data copy.

Also add an assertion that we do not move m_data before the beginning of
the mbuf or cluster.

Reported by:	A reddit user
Reviewed by:	bz, jtl
MFC after:	3 days
Security:	CVE-2018-17156
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17909
2018-11-08 20:17:36 +00:00
Eric van Gyzen
68b840878c in6_ifattach_linklocal: handle immediate removal of the new LLA
If another thread immediately removes the link-local address
added by in6_update_ifa(), in6ifa_ifpforlinklocal() can return NULL,
so the following assertion (or dereference) is wrong.
Remove the assertion, and handle NULL somewhat better than panicking.
This matches all of the other callers of in6_update_ifa().

PR:		219250
Reviewed by:	bz, dab (both an earlier version)
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17898
2018-11-08 19:50:23 +00:00
Eric Joyner
37761e2eda ixl/iavf(4): Fix TSO offloads when TXCSUM is disabled
From Jake:
The iflib stack does not disable TSO automatically when TXCSUM is
disabled, instead assuming that the driver will correctly handle TSOs
even when CSUM_IP is not set.

This results in iflib calling ixl_isc_txd_encap with packets which have
CSUM_IP_TSO, but do not have CSUM_IP or CSUM_IP_TCP set. Because of
this, ixl_tx_setup_offload will not setup the IPv4 checksum offloading.

This results in bad TSO packets being sent if a user disables TXCSUM
without disabling TSO.

Fix this by updating the ixl_tx_setup_offload function to check both
CSUM_IP and CSUM_IP_TSO when deciding whether to enable IPv4 checksums.

Once this is corrected, another issue for TSO packets is revealed. The
driver sets IFLIB_NEED_ZERO_CSUM in order to enable a work around that
causes the ip->sum field to be zero'd. This is necessary for ixl
hardware to correctly perform TSOs.

However, if TXCSUM is disabled, then the work around is not enabled, as
CSUM_IP will not be set when the iflib stack checks to see if it should
clear the sum field.

Fix this by adding IFLIB_TSO_INIT_IP to the iflib flags for the iavf and
ixl interface files.

It is uncertain if the hardware needs IFLIB_NEED_ZERO_CSUM for any other
case besides TSO, so leave that flag assigned. It may be worth
investigating to see if this work around flag could be disabled in
a future change.

Once both of these changes are made, the ixl driver should correctly
offload TSO packets when TSO4 offload is enabled, regardless of whether
TXCSUM is enabled or disabled.

Submitted by:	Jacob Keller <jacob.e.keller@intel.com>
Reviewed by:	erj@, shurd@
MFC after:	0 days
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D17900
2018-11-08 19:10:43 +00:00
Mark Johnston
5186028dc4 Use --work-tree instead of specifying an absolute path.
Otherwise the diff command being run from outside the checkout resulted
in warnings.

Discussed with:	emaste
X-MFC with:	r340083
2018-11-08 17:20:00 +00:00
Hans Petter Selasky
ba2c34f4f2 Put a size limit on the opensm.log and use bzip2(1).
Discussed with:		markj@
Sponsored by:		Mellanox Technologies
2018-11-08 17:00:05 +00:00
Hans Petter Selasky
fa895a749e Revert r340246.
Sponsored by:		Mellanox Technologies
2018-11-08 16:23:09 +00:00
Mateusz Guzik
f1161465f4 amd64: align memset buffers to 16 bytes before using rep stos
Both Intel manual and Agner Fog's docs suggest aligning to 16.

See the review for benchmark results.

Reviewed by:	kib (previous version)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17661
2018-11-08 15:12:36 +00:00
Bjoern A. Zeeb
3535919391 Update rum(4) and run(4) man pages to reflect that newer versions
of TP-LINK TL-WN321G are run(4) and not rum(4) anymore.

Reported by:	J (tech-lists zyxst.net)
MFC after:	3 days
2018-11-08 14:46:21 +00:00
Eugene Grosbein
6ff080c445 ipfw.8: fix small syntax error in an example
MFC after:	3 days
2018-11-08 13:17:38 +00:00
Hans Petter Selasky
fb8a716d28 Don't read the USB audio sync endpoint when we don't use it to save
isochronous bandwidth.

MFC after:		3 days
Sponsored by:		Mellanox Technologies
2018-11-08 12:46:47 +00:00
Hans Petter Selasky
5e0e7e1846 Add /var/log/opensm.log to list of rotating log files.
MFC after:		3 days
Sponsored by:		Mellanox Technologies
2018-11-08 12:43:13 +00:00
Eugene Grosbein
c0a3773ad2 ping(8): improve diagnostics in case of wrong arguments.
For example, in case of super-user:
$ sudo ping -s -64 127.0.0.1
PING 127.0.0.1 (127.0.0.1): -64 data bytes
ping: sendto: Invalid argument

For unprivileged user:
$ ping -s -64 127.0.0.1
ping: packet size too large: 18446744073709551552 > 56: Operation not permitted

Fix this by switching from strtoul() to strtol() for integer arguments
and adding explicit checks for negative values.

MFC after:	1 month
2018-11-08 09:45:13 +00:00
Brooks Davis
0a9fcf3237 Add a top-level make target to rebuild all sysent files.
The sysent target is useful when changing makesyscalls.sh, when
making paired changes to syscalls.master files, or in a future where
freebsd32 sysent entries are built from the default syscalls.master.

Reviewed by:	bdrewery
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17899
2018-11-08 00:35:00 +00:00
Mark Johnston
150d384e5c Fix a use-after-free in swp_pager_meta_free().
This was introduced in r326329 and explains the crashes mentioned in
the commit log message for r339934.  In particular, on INVARIANTS
kernels, UMA trashing causes the loop to exit early, leaving swap
blocks behind when they should have been freed.  After r336984 this
became more problematic since new anonymous mappings were more
likely to reuse swapped-out subranges of existing VM objects, so faults
would trigger pageins of freed memory rather than returning zeroed
pages.

Reviewed by:	kib
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17897
2018-11-07 23:28:11 +00:00
Toomas Soome
a3fd276be0 loader: ptable_open() check for ptable_cd9660read result is wrong
The ptable_*read() functions return NULL on read errors (and partition table
closed as an side effect). The ptable_open must check the return value and
act properly.

PR:		232483
Reported by:	lev
Reviewed by:	lev,cem
Differential Revision:	https://reviews.freebsd.org/D17890
2018-11-07 21:36:52 +00:00